Created
December 25, 2017 23:34
-
-
Save sowbug/8cc7dadb9b829d500fa71986e96c3315 to your computer and use it in GitHub Desktop.
Given a Google APIs Client ID and Client secret, get back a refresh token for Compute Engine
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
"""Generates refresh token for Google API.""" | |
# This is adapted from generate_refresh_token.py in | |
# https://github.com/googleads/googleads-python-lib | |
import argparse | |
import sys | |
from oauth2client import client, GOOGLE_TOKEN_URI | |
# Your OAuth2 Client ID and Secret. If you do not have an ID and Secret yet, | |
# please go to https://console.developers.google.com and create a set. The | |
# kind you want is type "Other" | |
DEFAULT_CLIENT_ID = None | |
DEFAULT_CLIENT_SECRET = None | |
parser = argparse.ArgumentParser(description='Generates a refresh token with ' | |
'the provided credentials.') | |
parser.add_argument('--client_id', default=DEFAULT_CLIENT_ID, | |
help='Client ID retrieved from the console.') | |
parser.add_argument('--client_secret', default=DEFAULT_CLIENT_SECRET, | |
help='Client Secret retrieved from the console.') | |
parser.add_argument('--additional_scopes', default=None, | |
help='Additional scopes to apply when generating the ' | |
'refresh token. Each scope should be separated by a comma.') | |
def main(client_id, client_secret, scopes): | |
"""Retrieve and display the access and refresh token.""" | |
flow = client.OAuth2WebServerFlow( | |
client_id=client_id, | |
client_secret=client_secret, | |
scope=scopes, | |
user_agent='Command line', | |
redirect_uri='urn:ietf:wg:oauth:2.0:oob') | |
authorize_url = flow.step1_get_authorize_url() | |
print ('Log into the Google Account you use to access your ' | |
'Google Compute Engine account ' | |
'and go to the following URL: \n%s\n' % (authorize_url)) | |
print 'After approving the token enter the verification code (if specified).' | |
code = raw_input('Code: ').strip() | |
try: | |
credential = flow.step2_exchange(code) | |
except client.FlowExchangeError, e: | |
print 'Authentication has failed: %s' % e | |
sys.exit(1) | |
else: | |
print ('OAuth2 authorization successful!\n\n' | |
'Your access token is:\n %s\n\nYour refresh token is:\n %s' | |
% (credential.access_token, credential.refresh_token)) | |
if __name__ == '__main__': | |
args = parser.parse_args() | |
configured_scopes = ['https://www.googleapis.com/auth/compute'] | |
if not (any([args.client_id, DEFAULT_CLIENT_ID]) and | |
any([args.client_secret, DEFAULT_CLIENT_SECRET])): | |
raise AttributeError('No client_id or client_secret specified.') | |
if args.additional_scopes: | |
configured_scopes.extend(args.additional_scopes.replace(' ', '').split(',')) | |
main(args.client_id, args.client_secret, configured_scopes) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment